3.1.2.6 maxrepeats

Information

Defines the maximum number of times a character may appear in a password.

Rationale:

In setting the maxrepeats attribute, it enforces a maximum number of character repeats within a password.

Solution

In/etc/security/user, set the default user stanza maxrepeats attribute to 2:

chsec -f /etc/security/user -s default -a maxrepeats=4

This means that a user may not use the same character more than four (4) times in a password.
This value has been increased from two (2) - in parallel with the increase in minlen from eight (8) to fourteen (14).

Default Value:

maxrepeats=8

See Also

https://workbench.cisecurity.org/files/3525

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1), CSCv7|4.4

Plugin: Unix

Control ID: 18fbd33ce9cc259677d8cde65eabf22ff43823952e80394ded3c7cdd86449c62